Cisco IOS Scripting with Tcl

The Cisco IOS Scripting with Tcl feature provides the ability to run Tool Command Language (Tcl) version 8.3.4 commands from the Cisco IOS command-line interface (CLI).

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for Cisco IOS Scripting with Tcl" section.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn.An account on Cisco.com is not required.

Prerequisites for Cisco IOS Scripting with Tcl

•Familiarity with Tcl programming and Cisco IOS commands is required.

•Tcl commands can be executed from the Tcl configuration mode using the Cisco IOS CLI. Tcl configuration mode is accessed from privileged EXEC mode. Access to privileged EXEC mode should be managed by restricting access using the enable command password.

Restrictions for Cisco IOS Scripting with Tcl

•If Cisco IOS configuration commands are used within the Tcl scripts, submode commands must be entered as quoted arguments on the same line as the configuration command.

•Error messages are provided, but you must check that the Tcl script will run successfully because errors may cause the Tcl shell to run in an infinite loop.

Caution The use of Tcl server sockets to listen to telnet and FTP ports (23 and 21 respectively) will preempt the normal handling of these ports in Cisco IOS software.

•Table 1lists Tcl commands and library calls that do not behave within Cisco IOS software as documented in standard Tcl documents.

When the CLI tclsh command is used, there is no event loop implemented unless Embedded Syslog Manager (ESM) is active on the same router. Commands entered using the after Tcl command will not run unless forced using the update command. Sleep mode (the after command) works only with the ms keyword.

file

-time

atime

No

The optional -time keyword to set the file access time is not supported in Cisco IOS software.

file

-time

mtime

No

The optional -time keyword to set the file modification time is not supported in Cisco IOS software.

fileevent

Partially

When the CLI tclsh command is used, there is no event loop implemented unless Embedded Syslog Manager (ESM) is active on the same router. Commands entered using the fileevent Tcl command will not run unless forced using the update command.

history

!n

Partially

The !n shortcut does not work in Cisco IOS software. Use the history Tcl command with the redo n keyword.

load

No

When the CLI load command is used, an error message stating "dynamic loading not available on this system" is displayed.

Information About Cisco IOS Scripting with Tcl

To create and use Tcl scripts within Cisco IOS software, you should understand the following concepts:

Tcl Shell for Cisco IOS Software

The Cisco IOS Tcl shell was designed to allow customers to run Tcl commands directly from the Cisco IOS CLI prompt. Cisco IOS software does contain some subsystems such as Embedded Syslog Manager (ESM) and Interactive Voice Response (IVR) that use Tcl interpreters as part of their implementation. These subsystems have their own proprietary commands and keyword options that are not available in the Tcl shell.

Several methods have been developed for creating and running Tcl scripts within Cisco IOS software. A Tcl shell can be enabled, and Tcl commands can be entered line by line. After Tcl commands are entered, they are sent to a Tcl interpreter. If the commands are recognized as valid Tcl commands, the commands are executed and the results are sent to the TTY device. If a command is not a recognized Tcl command, it is sent to the Cisco IOS CLI parser. If the command is not a Tcl or Cisco IOS command, two error messages are displayed. A predefined Tcl script can be created outside of Cisco IOS software, transferred to flash or disk memory, and run within Cisco IOS software. It is also possible to create a Tcl script and precompile the code before running it under Cisco IOS software.

Multiple users on the same router can be in Tcl configuration mode at the same time without interference because each Tcl shell session launches a separate interpreter and Tcl server process. The TTY interface number served by each Tcl process is represented in the server process name and can be displayed using the show process CLI command.

The Tcl shell can be used to run Cisco IOS CLI EXEC commands within a Tcl script. Using the Tcl shell to run CLI commands allows customers to build menus to guide novice users through tasks, to automate repetitive tasks, and to create custom output for show commands.

Tcl Precompiler

The Cisco IOS Tcl implementation offers support for loading scripts that have been precompiled by the TclPro precompiler. Precompiled scripts allow a measure of security and consistency because they are obfuscated.

SNMP MIB Object Access

Designed to make access to Simple Network Management Protocol (SNMP) MIB objects easier, a set of UNIX-like SNMP commands has been created. The Tcl shell is enabled either manually or by using a Tcl script, and the new commands can be entered to allow you to perform specified get and set actions on MIB objects. To increase usability, the new commands have names similar to those used for UNIX SNMP access. To access the SNMP commands go to, "Using the Tcl Shell to Access SNMP MIB Objects" section.

•Use the community-string argument to specify the SNMP community from which the objects will be retrieved.

•Use the non-repeaters argument to specify the number of objects that can be retrieved with a get-next operation.

•Use the max-repetitions argument to specify the maximum number of get-next operations to attempt while trying to retrieve the remaining objects.

•Use the oid argument to specify the object ID(s) to retrieve.

snmp_getid

Retrieves the following variables from the SNMP entity on the router:

•sysDescr.0

•sysObjectID.0

•sysUpTime.0

•sysContact.0

•sysName.0

•sysLocation.0

This command is similar to the SNMP getid command. The syntax is in the following format:

snmp_getidcommunity-string

snmp_getnext

Retrieves a set of individual variables from the SNMP entity on the router. This command is similar to the SNMP getnext command. The syntax is in the following format:

snmp_getnextcommunity-stringoid [oid2oid3...]

snmp_getone

Retrieves a set of individual variables from the SNMP entity on the router. This command is similar to the SNMP getone command. The syntax is in the following format:

snmp_getonecommunity-stringoid [oid2oid3...]

snmp_setany

Retrieves the current values of the specified variables and then performs a set request on the variables. This command is similar to the SNMP setany command. The syntax is in the following format:

snmp_setanycommunity-stringoid type val [oid2type2 val2...]

•Use the type argument to specify the type of object to retrieve. The type can be one of the following:

–-i—Integer. A 32-bit number used to specify a numbered type within the context of a managed object. For example, to set the operational status of a router interface, 1 represents up and 2 represents down.

–-u—Unsigned32. A 32-bit number used to represent decimal values in the range from 0 to 232 - 1 inclusive.

–-c—Counter32. A 32-bit number with a minimum value of 0 and a maximum value of 232 - 1. When the maximum value is reached, the counter resets to 0 and starts again.

–-g—Gauge. A 32-bit number with a minimum value of 0 and a maximum value of 232 - 1. The number can increase or decrease at will. For example, the interface speed on a router is measured using a gauge object type.

Enabling the Tcl Shell and Using the CLI to Enter Commands

Perform this task to enable the interactive Tcl shell and to enter Tcl commands line by line through the Cisco IOS CLI prompt. Optional steps include specifying a default location for encoding files and specifying an initialization script.

Commands entered in Tcl configuration mode are sent first to the interactive Tcl interpreter. If the command is not a valid Tcl command, it is then sent to the CLI parser.

Step 9

ios_config "cmd" "cmd-option"

Example:

Router(tcl)# ios_config "interface Ethernet 2/0" "no keepalive"

(Optional) Modifies the router configuration using a Tcl script by specifying the Tcl command ios_config with CLI commands and options. All arguments and submode commands must be entered on the same line as the CLI configuration command.

•In this example, the first argument in quotes configures an Ethernet interface and enters interface configuration mode. The second argument in quotes sets the keepalive option. If these two CLI statements were entered on separate Tcl command lines, the configuration would not work.

Specifies the client socket and allows a TCL interpreter to connect via TCP over IPv4/IPv6 and opens a TCP network connection. You can specify a port and host to connect to; there must be a server to accept connections on this port.

•-myaddraddr—domain name or numerical IP address of the client-side network interface required for the connection. Use this option especially if the client machine has multiple network interfaces.

•-myportport— port number that is required for the client's connection.

•-myvrf [vrf_table_name]—specifies the vrf table name. If the vrf table is not configured, then the command will return a TCL_ERROR.

Step 11

socket-server-myaddraddr -myvrfvrf-table-nameport

Example:

Router(tcl)# socket -server test -myvrf testvrf 12348

Specifies the server socket and allows a TCL interpreter to connect via TCP over IPv4/IPv6 and opens a TCP network connection. If the port is zero, Cisco IOS will allocate a free port to the server socket by using fconfigure command to read the -sock0 argument.

•-myaddraddr—domain name or numerical IP address of the client-side network interface required for the connection. Use this option especially if the client machine has multiple network interfaces.

•-myvrfvrf—specifies the vrf table name. If the vrf table is not configured, then the command will return a TCL_ERROR and append "Cannot obtain VRF Table ID for VRF_table_name" to the interpreter result.

•In case of UDP sockets that are created using the udp_open, the UDP socket can be mapped to a VRF using the fconfigure command.

•This command can also be used to display the properties of the channel.

•-broadcast—enables or disables the broadcasting.

Step 13

udp_open -ipv6port

Example:

Router(tcl)# udp_open -ipv6 56005

Opens a UDP socket.

•If a port is specified the UDP socket will be opened on that port. Otherwise the system will choose a port and you can use the fconfigure command to obtain the port number, if required. If -ipv6 argument is specified, the socket will be opened specifying the AF_INET6 protocol family.

•Use the community-string argument to specify the SNMP community from which the objects will be retrieved.

•Use the non-repeaters argument to specify the number of objects that can be retrieved with a get-next operation.

•Use the max-repetitions argument to specify the maximum number of get-next operations to attempt while trying to retrieve the remaining objects.

•Use the oid argument to specify the object ID(s) to retrieve.

Step 9

snmp_getid community-string

Example:

Router(tcl)# snmp_getid private

(Optional) Retrieves the following variables from the SNMP entity on the router: sysDesrc.0, sysObjectID.0, sysUpTime.0, sysContact.0, sysName.0, and sysLocation.0.

•Use the community-string argument to specify the SNMP community from which the objects will be retrieved.

Step 10

snmp_getnext community-string oid [oid2 oid3...]

Example:

Router(tcl)# snmp_getnext public 1.3.6.1.2.1.1.1.0 1.3.6.1.2.1.1.2.0

(Optional) Retrieves a set of individual variables from a MIB table.

•Use the community-string argument to specify the SNMP community from which the objects will be retrieved.

•Use the oid argument to specify the object ID(s) to retrieve.

Step 11

snmp_getone community-string oid [oid2 oid3...]

Example:

Router(tcl)# snmp_getone public 1.3.6.1.2.1.1.1.0 1.3.6.1.2.1.1.2.0

(Optional) Retrieves a set of individual variables from a MIB table.

•Use the community-string argument to specify the SNMP community from which the objects will be retrieved.

•Use the oid argument to specify the object ID(s) to retrieve.

Step 12

snmp_setany community-string oid type val [oid2 type2 val2...]

Example:

Router(tcl)# snmp_setany private 1.3.6.1.2.1.1.5.0 -d TCL-SNMP_TEST

(Optional) Retrieves current values of specified variables from a MIB table and then performs a set request on the variables.

•Use the community-string argument to specify the SNMP community from which the values of objects will be retrieved and then set.

•Use the oid argument to specify the object ID(s) to retrieve and set.

•Use the type argument to specify the type of object to retrieve and set.

•Use the val argument to specify the value of the object to be retrieved and then set.

Step 13

exit

Example:

Router(tcl)# exit

Exits Tcl configuration mode and returns to privileged EXEC mode.

Troubleshooting Tips

Use the Tcl puts command in a Tcl script to trace command execution.

Running Predefined Tcl Scripts

Perform this optional task to run a predefined Tcl script in Cisco IOS software.

Prerequisites

Before performing this task, you must create a Tcl script that can run on Cisco IOS software. The Tcl script may be transferred to internal flash memory using any file system that the Cisco IOS file system (IFS) supports, including TFTP, FTP, and rcp. The Tcl script may also be sourced from a remote location.

SUMMARY STEPS

1. enable

2. tclsh

3. Enter the Tcl source command with the filename and path.

4. exit

DETAILED STEPS

Command or Action

Purpose

Step 1

enable

Example:

Router> enable

Enables privileged EXEC mode.

•Enter your password if prompted.

Step 2

tclsh

Example:

Router# tclsh

Enables the interactive Tcl shell and enters Tcl configuration mode.

Step 3

Enter the Tcl source command with the filename and path.

Example:

Router(tcl)# source slot0:test.tcl

Commands entered in Tcl configuration mode are sent first to the interactive Tcl interpreter. If the command is not a valid Tcl command, it is then sent to the CLI parser.

Configuration Examples for Cisco IOS Scripting with Tcl

Example: Tcl Script Using the show interfaces Command

Using the Tcl regular expression engine, scripts can filter specific information from show commands and present it in a custom format. The following is an example of filtering the show interfaces command output and creating a comma-separated list of BRI interfaces on the router:

Example: Tcl Script for SMTP Support

The following Tcl script is useful for sending e-mail messages from a router.

##

## Place required comments here!!!

##

package provide sendmail 2.0

# Sendmail procedure for Support

namespace eval ::sendmail {

namespace export initialize configure sendmessage sendfile

array set ::sendmail::sendmail {

smtphost mailhub

from ""

friendly ""

}

proc configure {} {}

proc initialize {smtphost from friendly} {

variable sendmail

if {[string length $smtphost]} then {

set sendmail(smtphost) $smtphost

}

if {[string length $from]} then {

set sendmail(from) $from

}

if {[string length $friendly]} then {

set sendmail(friendly) $friendly

}

}

proc sendmessage {toList subject body {tcl_trace 0}} {

variable sendmail

set smtphost $sendmail(smtphost)

set from $sendmail(from)

set friendly $sendmail(friendly)

if {$trace} then {

puts stdout "Connecting to $smtphost:25"

}

set sockid [socket $smtphost 25]

## DEBUG

set status [catch {

puts $sockid "HELO $smtphost"

flush $sockid

set result [gets $sockid]

if {$trace} then {

puts stdout "HELO $smtphost\n\t$result"

}

puts $sockid "MAIL From:<$from>"

flush $sockid

set result [gets $sockid]

if {$trace} then {

puts stdout "MAIL From:<$from>\n\t$result"

}

foreach to $toList {

puts $sockid "RCPT To:<$to>"

flush $sockid

}

set result [gets $sockid]

if {$trace} then {

puts stdout "RCPT To:<$to>\n\t$result"

}

puts $sockid "DATA "

flush $sockid

set result [gets $sockid]

if {$trace} then {

puts stdout "DATA \n\t$result"

}

puts $sockid "From: $friendly <$from>"

foreach to $toList {

puts $sockid "To:<$to>"

}

puts $sockid "Subject: $subject"

puts $sockid "\n"

foreach line [split $body "\n"] {

puts $sockid " $line"

}

puts $sockid "."

puts $sockid "QUIT"

flush $sockid

set result [gets $sockid]

if {$trace} then {

puts stdout "QUIT\n\t$result"

}

} result]

catch {close $sockid }

if {$status} then {

return -code error $result

}

return

}

proc sendfile {toList filename subject {tcl_trace 0}} {

set fd [open $filename r]

sendmessage $toList $subject [read $fd] $trace

return

}

}

Example: Tcl Script for SNMP MIB Access

Using the Tcl shell, Tcl commands can perform actions on MIBs. The following example shows how to set up the community access strings to permit access to SNMP. Public access is read-only, but private access is read-write. The following example shows how to retrieve a large section of a table at once using the snmp_getbulk Tcl command extension.

Two arguments, non-repeaters and max-repetitions, must be set when an snmp_getbulk command is issued. The non-repeaters argument specifies that the first N objects are to be retrieved with a simple snmp_getnext operation. The max-repetitions argument specifies that up to M snmp_getnext operations are to be attempted to retrieve the remaining objects.

In this example, three bindings—sysUpTime (1.3.6.1.2.1.1.2.0), ifDescr (1.3.6.1.2.1.2.2.1.2), and ifType (1.3.6.1.2.1.2.2.1.3)—are used. The total number of variable bindings requested is given by the formula N + (M * R), where N is the number of non-repeaters (in this example 1), M is the max-repetitions (in this example 5), and R is the number of request objects (in this case 2, ifDescr and ifType). Using the formula, 1 + (5 * 2) equals 11; and this is the total number of variable bindings that can be retrieved by this snmp_getbulk request command.

Sample results for the individual variables include a retrieved value of sysUpTime.0 being 1336090, where the unit is in milliseconds. The retrieved value of ifDescr.1 (the first interface description) is FastEthernet0/0, and the retrieved value of ifType.1 (the first interface type) is 6, which corresponds to the ethernetCsmacd type.

The following example shows how to retrieve the sysDescr.0, sysObjectID.0, sysUpTime.0, sysContact.0, sysName.0, and sysLocation.0 variables—in this example shown as system.1.0, system.2.0, system.3.0, system.4.0, system.5.0, and system.6.0—from the SNMP entity on the router using the snmp_getid Tcl command extension.

The following example shows how to change something in the configuration of the router using the snmp_setany Tcl command extension. In this example, the hostname of the router is changed to TCLSNMP-HOST.

tclsh

snmp_setany private 1.3.6.1.2.1.1.5.0 -d TCLSNMP-HOST

{<obj oid='system.5.0' val='TCLSNMP-HOST'/>}

Additional References

The following sections provide references related to the Cisco IOS Scripting with Tcl feature.

RFCs

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.

—

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

Feature Information for Cisco IOS Scripting with Tcl

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Note Table 4 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.